The “hacktivist” collective known as Anonymous said it has a new target in its “cyber war” against Russia — Western businesses that are still doing business there.
A post on March 21 from a Twitter account named @YourAnonTV stated: “We call on all companies that continue to operate in Russia by paying taxes to the budget of the Kremlin’s criminal regime: Pull out of Russia!”
The tweet, which has been liked more than 23,000 times, gave companies 48 hours to comply.
The threat, which was later echoed on other Anonymous-affiliated Twitter accounts, included a photo with the logos of some 40 companies, including household names such as Burger King, Subway and General Mills.
The account later tagged more companies to the post, ostensibly putting them on notice that they, too, could soon be targeted.
CNBC contacted the companies mentioned in this story for comment. Most responses mirrored companies’ published press releases, which are linked throughout this story, that came after the posts.
Tire firm Bridgestone and Dunkin’ said by the time they were targeted by Anonymous, they had already publicly announced that they were pulling business from Russia.
Twitter users also pointed out that other companies, such as Citrix, had already announced similar measures. A blog posted on Citrix’s website states: “Unfortunately, we see many incorrect reports in social and traditional media concerning Citrix operations in Russia.”
Three targeted oil field service companies — Halliburton, Baker Hughes and Schlumberger — had also already issued announcements about their Russian business operations. The statements followed a Washington Post article that implored readers to stop investing in companies deemed to be “funding Putin’s war.”
Cyberattacks during the “fog of war” are dangerous, said Marianne Bailey, a cybersecurity partner at the consulting firm Guidehouse and former cybersecurity executive with the U.S. National Security Agency.
“A cyber strike back … could be directed to the wrong place,” she said.
However, it’s also possible Anonymous wasn’t impressed by some of these company’s pledges. Some companies — including Halliburton, Baker Hughes and Schlumberger — did not score well on a business list compiled by the Yale School of Management. The list categorizes some 500 companies according to whether companies halted or continued operations in Russia, giving them school-style letter grades.
Notably, Bridgestone’s decision received an “A” and Dunkin’ a “B” on Yale’s list.
Many companies that received “Fs” on Yale’s list appeared on a second Anonymous Twitter post published March 24. This post targeted a new — and seemingly updated — list of companies, which included Emirates airline, the French gardening retailer Leroy Merlin and the essential oil company Young Living.
Several companies caught in Anonymous’ crosshairs soon announced they were cutting ties with Russia, including the Canadian oilfield service company Calfrac Well Services and the sanitary product maker Geberit Group — the latter including hashtags for Anonymous and Yale in its Twitter announcement.
The French sporting goods company Decathlon this week announced it too was shutting stores in Russia. But Anonymous had already claimed credit for shuttering its Russian website, along with sites for Leroy Merlin and the French supermarket company Auchan.
Jeremiah Fowler, co-founder of the cybersecurity company Security Discovery, said his research determined that Anonymous also successfully hacked a database belonging to Leroy Merlin.
“I’m absolutely sure [Anonymous] found it,” he said, saying that the collective left messages and references inside the data.
Anonymous also claimed last week that it hacked a database of another targeted company, the Swiss food and beverage corporation Nestle. However, Nestle told CNBC that these claims had “no foundation.” The design and tech website Gizmodo reported that Nestle said it accidentally leaked its own information in February.